Closed wenhuaOpenx closed 4 years ago
We've set up LDAP authentication in frontend application.env file, and it works well to login via LDAP account. (We manaully add user ldap account to 'users' table) But in the backend side, the ldap etl job breaks because of authentication error. We're not sure if the format of the field value is correct, please advise.
This is what we write in the LDAP_USER_ETL.job file:
ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory ldap.context.provider.url=ldaps://corp.openx.com:[PORT#] ldap.context.security.principal=CN=Wenhua Wang,CN=wenhua.wang,OU=Users,OU=MenloPark,OU=US,OU=OpenX,DC=corp,DC=openx,DC=com ldap.context.security.credentials=[PASSWORD]
Job error: javax.naming.AuthenticationException: javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903D9, comment: AcceptSecurityContext error, data 52e, v2580^@]
ldap.context.security.principal should be the actual user name. Perhaps something like "openx\wenhua"
Thanks @mars-lan
Here are the format of configs we use in LDAP_USER_ETL_JOB file. It works well now.
Assume that: org name = company_1 ldap url = corp.company_1.com:636 ldap account = wherehows ldap password = wherehows_pwd
LDAP_USER_ETL_JOB: ldap.context.factory=com.sun.jndi.ldap.LdapCtxFactory
ldap.context.provider.url=ldaps://corp.company_1.com:636
ldap.context.security.principal=company_1\\wherehows
ldap.context.security.credentials=wherehows_pwd
ldap.search.domains=["DC=corp, DC=company_1, DC=com"]
ldap.search.return.attributes=["SamAccountName", "mail", "Name", "DisplayName", "Title", "EmployeeNumber", "Manager", "mail", "departmentNumber", "Department", "HireDate", "mail"]
Dear issue owner,
Thanks for your interest in WhereHows. We have recently announced DataHub which is the rebranding of WhereHows. LinkedIn improved the architecture of WhereHows and rebranded WhereHows into DataHub and replaced its metadata infrastructure in this direction. DataHub is a more advanced and improved metadata management product compared to WhereHows.
Unfortunately, we have to stop supporting WhereHows to better focus on DataHub and offer more help to DataHub users. Therefore, we will drop all issues related to WhereHows and will not accept any contribution for it. Active development for DataHub has already started on datahub
branch and will continue to live in there until it's finally merged to master and project is renamed to DataHub.
Please check the datahub
branch to get familar with DataHub.
Best, DataHub team
Can you give more detailed explanation about the attributes in LDAP_USER_ETL.job file please? And the format of the value of some attributes, such as ldap.search.return.attributes, ldap.group.search.return.attributes
Thanks!